<?php
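if(isset($_GET['get'])){
   // Download endpoint. The token has the form "<stored name>AAAZZZ<unix time>"
   // and is produced where the Download link is rendered further down this file.
   // This branch runs before the session is started, so no login check applies here.
   //
   // NOTE(review): the timestamp is supplied by the client and is not authenticated,
   // so the 60-second expiry is advisory only. To make it enforceable, sign
   // name+timestamp with a server-side secret (hash_hmac) when the link is built and
   // verify the signature here with a constant-time comparison (hash_equals).
   if(!is_string($_GET['get'])) die('File cannot be found!');
   $token = stripcslashes($_GET['get']);
   $parts = explode("AAAZZZ", $token);

   // A missing or non-numeric timestamp is treated as an expired link. A timestamp in
   // the future is rejected as well: the original "time()-ts > 60" test let it pass forever.
   if(count($parts) < 2 || !ctype_digit($parts[1])) die( " Erroare! Linkul a expirat! ");
   $age = time() - (int)$parts[1];
   if($age < 0 || $age > 60) die( " Erroare! Linkul a expirat! ");

   // Resolve the requested name and require the result to stay inside tmp/.
   // Without this check, "../" sequences in the name reach any file readable by PHP.
   if($parts[0] === '' || strpos($parts[0], "\0") !== false) die('File cannot be found!');
   $baseDir  = realpath(dirname(__FILE__)."/tmp");
   $fullPath = realpath(dirname(__FILE__)."/tmp/".$parts[0]);
   if($baseDir === false || $fullPath === false
      || strncmp($fullPath, $baseDir.DIRECTORY_SEPARATOR, strlen($baseDir) + 1) !== 0
      || !is_file($fullPath) || !is_readable($fullPath)) {
      die('File cannot be found!');
   }

   $fd = fopen($fullPath, "rb");
   if(!is_resource($fd)) die('File cannot be found!');

   $fsize = filesize($fullPath);
   $path_parts = pathinfo($fullPath);
   // Files without an extension have no "extension" key in pathinfo().
   $ext = isset($path_parts["extension"]) ? strtolower($path_parts["extension"]) : "";
   switch ($ext) {
      case "png":
      case "bmp":
      case "gif":
         $contentType = "image/".$ext;
         break;
      case "pdf":
         $contentType = "application/pdf";
         break;
      case "zip":
         $contentType = "application/zip";
         break;
      default:
         $contentType = "application/octet-stream";
   }

   // Quotes, backslashes and control characters would break the quoted filename parameter.
   $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $path_parts["basename"]);

   header("Content-type: ".$contentType);
   // Every type is sent as an attachment (the zip/default branches used to omit the
   // disposition type) so stored files are saved rather than rendered in this origin.
   header("Content-Disposition: attachment; filename=\"".$safeName."\"");
   header("X-Content-Type-Options: nosniff");
   header("Content-length: $fsize");
   header("Cache-control: private");

   while(!feof($fd)) {
      $buffer = fread($fd, 8192);
      if($buffer === false) break; // read error: stop instead of looping forever
      echo $buffer;
   }
   fclose($fd);

   exit;
}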


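// NOTE(review): display_errors=1 prints warnings, file paths and database errors to
// every visitor. Keep it for development only; in production log errors instead.
error_reporting(E_ALL);
ini_set('display_errors', '1');

// Start a session only if none is active yet.
$a = session_id();
if(empty($a)) session_start();

include_once dirname(__FILE__).'/class/functions.php';
include_once(dirname(__FILE__).'/class/upload_class.php');
require_once dirname(__FILE__).'/class/user.class.php';

$logat = is_logat();
$db = new stdb();

// NOTE(review): unserialize() instantiates whatever classes the stored string names.
// That is acceptable only while $_SESSION['userc'] is written exclusively by server
// code; confirm no request data is ever copied into it.
if(isset($_SESSION['userc']))
    $user = unserialize($_SESSION['userc']);

// Admin flag used by the delete action below and by the page template.
// The comparison is strict: with "==" a non-string session value (true, or 0 on
// PHP < 8) compares equal to "admin". Assumes the login code stores the literal
// string "admin" -- TODO confirm against is_logat() / the login handler.
$adm = 0;
if(isset($_SESSION['logat']) && $_SESSION['logat'] === "admin")
    $adm = 1;

// Admin-only delete: ?action=delete&id=<FID>.
// NOTE(review): this state change is triggered by a plain GET link and carries no
// anti-CSRF token. Moving it to POST with a per-session token needs a matching
// change where the Delete link is rendered.
// Only the database row is removed here; this block does not touch the stored file.
if(isset($_GET['action'])&&isset($_GET['id'])&&$adm){
    mysql_safer();

    // Require a plain decimal id: intval() turns a non-empty array (id[]=x) into 1.
    if(!is_string($_GET['id']) || !ctype_digit($_GET['id'])) die("Actiune nepermisa!");
    $fid = intval($_GET['id']);

    // Strict string test: strcmp() on an array (action[]=x) returns NULL on PHP 5,
    // which "!strcmp(...)" treated as a match.
    if(is_string($_GET['action']) && $_GET['action'] === 'delete'){
        $db->q("DELETE FROM `file_table` WHERE `FID` = '".$fid."'");
        // NOTE(review): $path is not defined in this file (presumably set by an include),
        // and the anchor below has no link text or closing tag.
        die("Fisier sters! <a href='".$path."boss/p_downloads.php'>");
    }
    else die("Actiune nepermisa!");
}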

?>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="icon" href="favicon.jpg" type="image/gif" sizes="16x16" /> 
        <link rel="stylesheet" type="text/css" href="./style/style.css" />
        <title></title>
    </head>
    <body>
        <? 
       what_header();

                    ?>
        <div id="content">
            <div id="content_inside">
                    <div id="content_inside_sidebar">
                        <ul>
                            <li><a href ="<? echo $path;?>index.php#home_stuff" id="show_home"> Home</a><br />
                            </li><li><a href ="<? echo $path;?>index.php#telefon_stuff" id="show_tel"> Carte Telefon</a><br /></li>
                            <li><a href ="<? echo $path;?>index.php#rezervari_stuff" id="show_rezerv"> Rezervari</a><br /></li>    
                            <li><a href ="<? echo $path;?>index.php#download_stuff" id="show_down"> Downloads</a><br /></li> 
                                           
                         </ul>
                                 
                    </div>
            <div id="content_inside_main">
                <?
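                // Detail view for one file: ?id=<FID> selects the row, which is rendered as a
                // one-row table followed by its tags and a time-stamped download link.
                // $fid stays -1 when no id was supplied; later template code reads it.
                $fid=-1;
                mysql_safer();
                if(isset($_GET['id'])){
                    $fid=intval($_GET['id']);

                    $show="";
                    $title="";
                    $link=null;   // stays null when the query matches no row

                    // $fid went through intval(), so interpolating it into the query is safe.
                    $sql_cauta="SELECT file_table.FID,file_table.nume,categorii.categorie,ani.an,file_table.descriere,file_table.type,utilizatori.username,file_table.data,file_table.nume_scurt FROM file_table INNER JOIN categorii ON file_table.CAT=categorii.CID INNER JOIN ani ON file_table.AN=ani.AID INNER JOIN utilizatori ON file_table.UID=utilizatori.ID WHERE file_table.FID=$fid";
                    $rezultat = $db->q($sql_cauta);
                    if(!$rezultat)
                        $show.= "N-am gasit nimic!  :(";
                    else
                    {
                        $show.= "<table style='width:550px;'>";
                        $show.="<tr><th >ID</th><th>Nume</th><th >Categorie</th><th >An</th><th >Descriere</th><th >Tipul</th><th >Uploader</th><th >data</th></tr>";

                        while( $row =  mysql_fetch_array($rezultat) )
                        {
                            $show.="<tr>";
                            // Columns 0..7 are displayed; column 8 (nume_scurt) only feeds the link.
                            for($i=0;$i<8;$i++){
                                if($i==0) {$fid = $row[$i];$title=list_meta($fid,1);}
                                // Name, description and uploader are user-supplied text:
                                // escape every cell before it is placed in the page.
                                $show.="<td >".htmlspecialchars((string)$row[$i], ENT_QUOTES, 'UTF-8')."</td>";
                            }
                            $show.="</tr>";
                            $link=$row[8]."AAAZZZ".time();
                        }
                        $show.="</table>";

                        if($link === null){
                            // The query ran but matched nothing: $title and $link were never
                            // set, so show the "not found" text instead of a broken link.
                            $show.= "N-am gasit nimic!  :(";
                        }
                        else{
                            // NOTE(review): $title is inserted exactly as list_meta() returns it;
                            // confirm that helper escapes tag text before it reaches this page.
                            $show.="<br/><p> Etichete: $title  </p><br/>";
                            // URL-encode the token so names containing spaces, &, # or quotes
                            // neither break the query string nor the href attribute.
                            $show.="<br/><p><a href='down_show.php?get=".rawurlencode($link)."'> Download</a>";
                            if($adm) $show.=" | <a href='down_show.php?id=".intval($fid)."&action=delete'>   Delete</a>  | <a href='boss/down_edit.php?id=".intval($fid)."' target='_blank' id='open_pop'>   Edit </a></p><br/>";
                            else $show.="</p>";   // the paragraph was left open for non-admins
                        }
                    }
                    echo $show;
                } // end: id supplied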
 
                // Comment form: rendered only when $logat (the result of is_logat()) is truthy.
                // The form has no action or method attribute; presumably a client-side script
                // bound to #com_submit posts it -- confirm where that request is handled and
                // that the handler re-checks the login and validates fid.
                // $fid is -1 when the request carried no id parameter.
                if($logat){
                ?>
                
                <form>
                    <h3>Comments:</h3>
                    <textarea id="down_com" name="down_com" style="width:550px;border:solid lightgray;">

                    </textarea>
                    <input type="hidden" name="fid" value="<? echo $fid?>"/> 
                    <a href="#" class="grey-button pcb"><span id="com_submit"> Submit</span></a> <br/> <br/>
                </form> 
                <? }?>
                <div id="list_com">
                    <?  /* NOTE(review): list_coms() output is echoed as-is; confirm it HTML-escapes stored comment text. */ echo list_coms($fid);?>
                </div>
                
            </div>

        
        
    </body>
    
    <? footer($adm); ?>
   </html>